31 matches found
ROOT-OS-DEBIAN-11-CVE-2026-25210 CVE-2026-25210 in rootio-expat - Patched by Root
Root has patched CVE-2026-25210 in the rootio-expat package for Root:Debian:11. Multiple fixed versions available...
Siemens RUGGEDCOM RST2428P Integer Overflow or Wraparound (CVE-2026-25210)
In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
EulerOS Virtualization 2.10.0 : expat (EulerOS-SA-2026-2045)
According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data.CVE-2026-24515 In libexpat...
EulerOS Virtualization 2.12.0 : expat (EulerOS-SA-2026-2098)
According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data.CVE-2026-24515 In libexpat...
EulerOS Virtualization 2.10.1 : expat (EulerOS-SA-2026-2018)
According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data.CVE-2026-24515 In libexpat...
EulerOS Virtualization 2.13.1 : expat (EulerOS-SA-2026-2124)
According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data.CVE-2026-24515 In libexpat...
CLEANSTART-2026-RO34407 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r5, 3.9.4-r6, 3.9.5-r0
Multiple security vulnerabilities affect the apache-zookeeper package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-HL08143 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r5, 3.9.4-r6, 3.9.5-r0
Multiple security vulnerabilities affect the apache-zookeeper package. These issues are resolved in later releases. See references for individual vulnerability details...
CLSA-2026-1774283473 Fix CVE(s): CVE-2026-25210
SECURITY UPDATE: Improve determination of buffer size bufSize in function doContent - debian/patches/CVE-2026-25210.patch: fix integer overflow in doContent tag buffer reallocation - CVE-2026-25210...
CLSA-2026-1774009875 Fix CVE(s): CVE-2026-25210
SECURITY UPDATE: integer overflow in doContent tag buffer reallocation. - debian/patches/CVE-2026-25210.patch: add overflow check for tag buffer reallocation - CVE-2026-25210...
CLSA-2026-1774006814 expat: Fix of CVE-2026-25210
CVE-2026-25210: fix integer overflow in tag buffer reallocation in doContent...
CLSA-2026-1773924658 expat: Fix of CVE-2026-25210
Fix CVE-2026-25210: integer overflow in doContent tag buffer reallocation...
Security Bulletin: AIX/VIOS Python is vulnerable to a null pointer dereference (CVE-2026-24515) and an integer overflow (CVE-2026-25210)
Summary Vulnerabilities in Python could cause a null pointer dereference CVE-2026-24515 or an integer overflow CVE-2026-25210. Python is used by AIX as part of Ansible node management automation. Vulnerability Details CVEID:CVE-2026-24515 DESCRIPTION: In libexpat before 2.7.4,...
AIX Python is vulnerable to a null pointer dereference (CVE-2026-24515) and an integer overflow (CVE-2026-25210)
IBM SECURITY ADVISORY First Issued: Tue Mar 17 15:18:12 CDT 2026 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/pythonadvisory18.asc Security Bulletin: AIX Python is vulnerable to a null pointer dereference CVE-2026-24515 and an intege...
AIX Perl is vulnerable to a null pointer dereference (CVE-2026-24515) and an integer overflow (CVE-2026-25210)
IBM SECURITY ADVISORY First Issued: Tue Mar 17 15:13:56 CDT 2026 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/perladvisory13.asc Security Bulletin: AIX Perl is vulnerable to a null pointer dereference CVE-2026-24515 and an integer...
openSUSE Security Advisory (SUSE-SU-2026:0826-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2026:20627-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 16 Security Update : expat (openSUSE-SU-2026:20306-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20306-1 advisory. - CVE-2026-24515: failure to copy the encoding handler data passed to XMLSetUnknownEncodingHandler may cause a NULL dereference bsc1257144. -...
Amazon Linux 2023 : expat, expat-devel, expat-static (ALAS2023-2026-1425)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1425 advisory. In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation. CVE-2026-25210 Tenable has...
Medium: expat
Issue Overview: In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation. CVE-2026-25210 Affected Packages: expat Note: This advisory is applicable to Amazon Linux 2 AL2 Core...